Mailing-List: contact harmony-dev-help@incubator.apache.org; run by ezmlm
Precedence: bulk
Reply-To: harmony-dev@incubator.apache.org
Received-SPF: pass (asf.osuosl.org: domain of mloenko@gmail.com designates
 64.233.182.184 as permitted sender)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=d6KuHWwp1ABNcjlN/RMCD+kiD7tIdKB95TtvozQcuxIBtLlS1QFad17P933G3Hr4LYDiQSIJk7Cq+f7F4MnXbJbU/QcJhtlk/okO9AFbxPW0ehPMeXWqzgIYKJ3bcKQMXQ8L7rqmwx41sE2Jh0NSY2SKogE4Vk2tRRkYuPjX3Kc=
Message-ID: <906dd82e0608142001j7e1e6a83of49e6505c5bab1ca@mail.gmail.com>
Date: Tue, 15 Aug 2006 10:01:49 +0700
From: "Mikhail Loenko" <mloenko@gmail.com>
To: harmony-dev@incubator.apache.org, geir@pobox.com
Subject: Re: [tools] Re: Keytool is done, JarSigner is next.
In-Reply-To: <44E057AF.4010603@pobox.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <25deb7630608110502q339351d6h8e352f462d174156@mail.gmail.com>
	 <44DC8647.9000906@pobox.com>
	 <906dd82e0608132157y604b6635la35bcb3f747caedd@mail.gmail.com>
	 <44E004EC.20008@pobox.com>
	 <906dd82e0608132232o7339813cqe534808a24a872c3@mail.gmail.com>
	 <44E057AF.4010603@pobox.com>

2006/8/14, Geir Magnusson Jr <geir@pobox.com>:
>
> Mikhail Loenko wrote:
> > Ok, sure.
> >
> > One thing that IMHO worth discussion is:
> >
> > By default the server tries to go to Sun's ssl provider:
> > com.sun.net.ssl.internal.ssl.Provider
> >
> > Though it seems to be possibe to specify a custom provider by defining
> > a property
> > org.w3c.jigsaw.ssl.security.provider
> >
> > But to figure that out I had to grep Jigsaw sources
>
> Hm.  What does jetty and tomcat do?
>
> >
> > The question is should we provide our own com.sun...Provider?
>
> You probably can guess my answer to this...
>
> >
> > It would look like this way:
> >
> > package com.sun.net.ssl.internal.ssl;
> > import org.apache.harmony.xnet.provider.jsse.JSSEProvider;
> > public class Provider extends JSSEProvider {
> > }
> >
> > Thanks,
> > Mikhail
> >
> > P.S. I was able to easily start Jigsaw HTTP server and navigate a bit.
> > I used IBM VM+Harmony classlib
>
> What happens when you used DRLVM?

I'm going to check. Acually I beleive it might be a bit too early to
do app-driven
bugfix in DRLVM. Though when running apps we find real-life bugs but
it's easier to
fix those bugs that are reproducoble on small code examples. Given that not
all the classlib tests pass on DRLVM+classlib it might make sense to fix those
failures and than switch to app-driven bugfix

Thanks,
Mikhail

>
> geir
>
> >
> > 2006/8/14, Geir Magnusson Jr <geir@pobox.com>:
> >> Side note :
> >>
> >> Can you keep notes so that when you get things working, we can post to
> >> website as docs?
> >>
> >> geir
> >>
> >>
> >> Mikhail Loenko wrote:
> >> > Hi Anton,
> >> >
> >> > I'm trying to run Jigsaw https server. I used Harmony keytool to
> >> generate
> >> > keystore according to Jigsaw mans:
> >> >
> >> > keytool -genkey -alias troi.example.com -keypass example -keystore
> >> > troi.keystore -keyalg RSA
> >> >
> >> > so far works OK
> >> >
> >> > keytool -selfcert -alias troi.example.com -keystore troi.keystore
> >> > -keyalg RSA
> >> >
> >> > prints this error message:
> >> >
> >> > Enter keystore password: example
> >> > java.security.NoSuchAlgorithmException: The algorithm
> >> > MD5WithRSAEncryption is not found in the environment.
> >> >        at
> >> > org.apache.harmony.tools.keytool.KeyCertGenerator.genX509CertImpl(Key
> >> > CertGenerator.java:40)
> >> >        at
> >> > org.apache.harmony.tools.keytool.KeyCertGenerator.selfCert(KeyCertGen
> >> > erator.java:335)
> >> >        at org.apache.harmony.tools.keytool.Main.doWork(Main.java:78)
> >> >        at org.apache.harmony.tools.keytool.Main.run(Main.java:125)
> >> >        at org.apache.harmony.tools.keytool.Main.main(Main.java:141)
> >> >
> >> >
> >> > Any idea how to solve this? Do we miss some functionality in Harmony?
> >> >
> >> > Thanks,
> >> > Mikhail
> >> >
> >> > 2006/8/11, Geir Magnusson Jr <geir@pobox.com>:
> >> >> 1) YAY!
> >> >>
> >> >> 2) No objections for jarsigner, but rather thanks and encouragement!
> >> >>
> >> >> 3) You may have been doing the following and I simply missed it,
> >> but I'd
> >> >> suggest that you keep a stream of patches coming on things like
> >> this so
> >> >> that people can see and get involved and also discuss more of your
> >> >> experience doing this on the list as it happens.
> >> >>
> >> >> 4) Can you add [tools] to your subject lines?  :)
> >> >>
> >> >> geir
> >> >>
> >> >>
> >> >>
> >> >> Anton Rusanov wrote:
> >> >> > I'm happy to write this - Keytool is done and operative now. :)
> >> >> > It has the same functionality as the one from RI with some
> >> >> improvements.
> >> >> > In addition to what RI can do the Harmony Keytool is able to
> >> >> > * generate X.509 certificates v2, v3.
> >> >> > * sign a certificate with another key from the keystore
> >> >> > * generate and manage secret keys
> >> >> > * convert a keystore to another format
> >> >> > * check certificate revocation status
> >> >> > * verify a certificate chain
> >> >> > * use specific providers for various purposes.
> >> >> >
> >> >> > There is still a little problem with making an executable of the
> >> tool
> >> >> > in the build. So you can follow the steps to make it on your own:
> >> >> > 1. copy deploy\jdk\jre\bin\java.exe to
> >> deploy\jdk\jre\bin\keytool.exe
> >> >> > 2. copy deploy\jdk\lib\tools.jar into deploy\jdk\jre\bin\
> >> >> > 3. run keytool.exe
> >> >> >
> >> >> > I want to thank Mikhail for applying my patches.
> >> >> > I'm going to start work on JarSigner tool. Does anyone have
> >> objections
> >> >> > to me doing this?
> >> >> >
> >> >>
> >> >> ---------------------------------------------------------------------
> >> >> Terms of use : http://incubator.apache.org/harmony/mailing.html
> >> >> To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> >> >> For additional commands, e-mail: harmony-dev-help@incubator.apache.org
> >> >>
> >> >>
> >> >
> >> > ---------------------------------------------------------------------
> >> > Terms of use : http://incubator.apache.org/harmony/mailing.html
> >> > To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> >> > For additional commands, e-mail: harmony-dev-help@incubator.apache.org
> >> >
> >> >
> >> >
> >>
> >> ---------------------------------------------------------------------
> >> Terms of use : http://incubator.apache.org/harmony/mailing.html
> >> To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> >> For additional commands, e-mail: harmony-dev-help@incubator.apache.org
> >>
> >>
> >
> > ---------------------------------------------------------------------
> > Terms of use : http://incubator.apache.org/harmony/mailing.html
> > To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: harmony-dev-help@incubator.apache.org
> >
> >
> >
>
> ---------------------------------------------------------------------
> Terms of use : http://incubator.apache.org/harmony/mailing.html
> To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> For additional commands, e-mail: harmony-dev-help@incubator.apache.org
>
>

---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
For additional commands, e-mail: harmony-dev-help@incubator.apache.org